Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
File: ab79adfe-f7aa-409f-9455-78c2f2264124.roa (raw, json)
Hash identifier: yv/LLVLSkfc/sc5H/nWKcN0imBvJgFwQDKIs07MYoZY=
Subject key identifier: 6A:81:BF:17:AE:32:53:E3:21:D3:2D:00:CB:87:D5:22:75:C7:E4:B5
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 4E12FA9AF9CA9D451D2A7621689A2ED2EB642374
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
Signing time: Mon 26 May 2025 15:10:23 +0000
ROA not before: Mon 26 May 2025 15:10:23 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc3:5880::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:12:fa:9a:f9:ca:9d:45:1d:2a:76:21:68:9a:2e:d2:eb:64:23:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: May 26 15:10:23 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=3682e57668c8147aa0914ee28fe129a72290b9885e150ac2e42bc567e17e656a, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4e:a5:89:ff:08:4b:df:14:67:b3:5d:46:2b:
21:54:27:1b:36:ec:78:82:e2:bd:11:16:fb:80:28:
69:9a:cc:83:f1:6b:c5:ce:4d:ec:4a:1e:39:99:03:
7c:25:20:6b:b7:bc:8b:57:ff:7b:3b:0d:0a:89:04:
17:0d:88:06:a8:38:aa:b8:6c:15:a3:86:54:b2:61:
4b:2f:0d:71:89:4c:7a:4e:5f:35:f6:d2:ad:1b:2f:
1f:f6:34:c6:ba:0e:ea:06:f6:66:0c:0d:18:30:2f:
c6:a6:f2:41:1c:49:2f:ee:92:a7:7c:3a:eb:5f:75:
a5:b6:e3:ec:95:76:eb:a4:f1:60:dd:14:fd:c3:05:
51:f5:38:d5:bd:b6:0a:75:bc:aa:74:7e:c7:b7:9f:
d7:a1:4a:49:6f:c2:9c:a1:c4:38:89:dc:d4:e3:98:
f0:3c:e1:55:cf:f6:8c:69:6d:7a:fb:51:a7:8e:ed:
35:2a:d2:70:b9:cf:2a:7c:a1:9c:c1:19:62:1e:28:
c3:45:65:5b:55:e0:4c:04:da:33:5e:0d:2c:90:c6:
b1:5d:f1:6d:f6:54:4e:d5:39:76:56:2e:2f:00:80:
a5:e1:8a:9e:4c:c2:96:75:b4:82:29:e3:40:ad:e4:
1b:5a:fa:ee:5b:2a:34:10:4f:f5:08:31:83:97:d7:
c4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:81:BF:17:AE:32:53:E3:21:D3:2D:00:CB:87:D5:22:75:C7:E4:B5
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/ab79adfe-f7aa-409f-9455-78c2f2264124.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc3:5880::/46
Signature Algorithm: sha256WithRSAEncryption
52:27:2c:92:10:72:84:7f:2c:ae:56:84:20:e0:f9:ed:1e:69:
03:0f:31:7a:f7:e2:b1:76:f6:88:1e:7f:67:70:0e:2f:fb:6a:
6f:55:d2:db:ae:d4:3e:69:0d:fb:85:6d:3b:67:ba:c6:79:94:
f8:f6:0c:e5:3c:0c:70:b2:b8:ad:3b:66:ba:b6:d5:5b:3e:25:
97:05:3f:78:65:3a:0e:85:c8:fc:dc:82:c0:bf:76:02:a1:dd:
31:7e:7f:e5:9f:47:e7:c1:b1:73:2e:59:c3:f6:83:b6:37:36:
bb:c2:08:8e:68:fd:87:42:1b:0c:c8:3e:f7:ce:0e:29:79:19:
64:9b:f1:51:c9:a6:99:40:0d:00:98:fc:86:b4:e5:86:90:02:
d9:eb:55:00:e6:f6:5d:3f:1b:e9:98:21:7c:32:c3:1b:7b:55:
37:a9:86:dd:13:2a:d0:33:c9:2c:fb:68:3f:02:49:1f:ae:05:
e2:59:8c:87:70:a4:42:e7:0a:77:0c:0b:d6:e7:2d:e5:82:93:
5e:de:0e:06:b8:2e:ca:77:9a:54:79:6a:c4:44:a2:50:59:94:
95:7a:56:ee:0d:d6:e7:6d:c3:6c:33:69:93:84:05:3b:53:82:
44:62:5c:90:9e:b6:dd:55:34:2b:18:2a:49:a2:3a:7b:46:db:
04:70:66:bb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUThL6mvnKnUUdKnYhaJou0utkI3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA1MjYxNTEwMjNaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2ODJlNTc2NjhjODE0N2FhMDkxNGVlMjhmZTEyOWE3MjI5MGI5ODg1ZTE1
MGFjMmU0MmJjNTY3ZTE3ZTY1NmExLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNOpYn/CEvfFGezXUYrIVQnGzbseILivREW+4AoaZrMg/Frxc5N7EoeOZkD
fCUga7e8i1f/ezsNCokEFw2IBqg4qrhsFaOGVLJhSy8NcYlMek5fNfbSrRsvH/Y0
xroO6gb2ZgwNGDAvxqbyQRxJL+6Sp3w66191pbbj7JV266TxYN0U/cMFUfU41b22
CnW8qnR+x7ef16FKSW/CnKHEOInc1OOY8DzhVc/2jGltevtRp47tNSrScLnPKnyh
nMEZYh4ow0VlW1XgTATaM14NLJDGsV3xbfZUTtU5dlYuLwCApeGKnkzClnW0ginj
QK3kG1r67lsqNBBP9Qgxg5fXxM8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRqgb8X
rjJT4yHTLQDLh9UidcfktTAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
YWI3OWFkZmUtZjdhYS00MDlmLTk0NTUtNzhjMmYyMjY0MTI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiABP8NY
gDANBgkqhkiG9w0BAQsFAAOCAQEAUicskhByhH8srlaEIOD57R5pAw8xevfisXb2
iB5/Z3AOL/tqb1XS267UPmkN+4VtO2e6xnmU+PYM5TwMcLK4rTtmurbVWz4llwU/
eGU6DoXI/NyCwL92AqHdMX5/5Z9H58Gxcy5Zw/aDtjc2u8IIjmj9h0IbDMg+984O
KXkZZJvxUcmmmUANAJj8hrTlhpAC2etVAOb2XT8b6ZghfDLDG3tVN6mG3RMq0DPJ
LPtoPwJJH64F4lmMh3CkQucKdwwL1uct5YKTXt4OBrguyneaVHlqxESiUFmUlXpW
7g3W523DbDNpk4QFO1OCRGJckJ623VU0KxgqSaI6e0bbBHBmuw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:57 2025 by rpki-client